Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fhMZ-W-nltqp6twAhFpFIjMTsMI.roa
File: fhMZ-W-nltqp6twAhFpFIjMTsMI.roa (raw, json)
Hash identifier: kPqdwl8Pb4rIJIgt260iDNcB+1tITTXlxrqLADKlbmE=
Subject key identifier: 7E:13:19:F9:6F:A7:96:DA:A9:EA:DC:00:84:5A:45:22:33:13:B0:C2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184182F07E941952D2C6D0C341558CF6E31
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fhMZ-W-nltqp6twAhFpFIjMTsMI.roa
Signing time: Thu 27 Oct 2022 06:44:06 +0000
ROA not before: Thu 27 Oct 2022 06:44:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.55.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
82.115.208.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:18:2f:07:e9:41:95:2d:2c:6d:0c:34:15:58:cf:6e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 27 06:44:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e1319f96fa796daa9eadc00845a45223313b0c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4a:5f:89:01:0b:f1:06:79:9d:06:fb:f5:a0:
d4:ce:20:a6:0a:79:00:6f:cd:6b:08:cc:c3:07:da:
41:aa:9d:67:1f:f6:0c:7a:ba:0a:92:d8:15:6c:e6:
05:f5:2d:d8:c2:8d:23:ee:28:0c:94:ce:d8:ef:e0:
34:e4:51:61:28:5d:d8:a8:af:f9:5c:49:23:24:23:
6a:e2:2e:90:95:76:47:ce:f6:94:77:be:cb:5b:c2:
e4:ea:98:29:44:66:6d:f4:c6:25:19:46:cd:c9:d6:
82:be:12:92:84:dc:44:c0:b1:9d:51:fb:d6:47:dc:
e2:4b:21:c2:04:3d:37:aa:1b:28:8c:5b:43:98:e8:
69:1e:f7:05:0a:97:f4:9f:7b:0e:80:29:75:69:8f:
09:7d:1a:a4:f5:08:0c:03:0d:d9:f6:ce:f9:e7:54:
a0:66:d0:16:c0:f2:76:6b:5b:f0:11:63:de:ca:12:
10:ad:11:f4:46:25:c7:8a:7d:c7:56:ca:ff:74:9e:
eb:d7:70:37:ea:1c:9c:61:a2:e0:ca:2d:d7:6a:e3:
9c:65:29:0c:39:72:12:14:e3:cf:a8:e9:a2:86:fa:
7b:c5:50:4a:85:3c:aa:e2:b8:3f:96:24:24:4f:01:
e8:2e:22:a9:74:29:47:30:3a:b5:1d:50:2d:fb:da:
74:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:13:19:F9:6F:A7:96:DA:A9:EA:DC:00:84:5A:45:22:33:13:B0:C2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fhMZ-W-nltqp6twAhFpFIjMTsMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
82.115.208.0/24
84.21.172.0/23
84.54.49.0/24
85.31.45.0/24
85.31.47.0/24
87.120.87.0/24
94.154.172.0/24
178.215.225.0-178.215.227.255
178.215.239.0/24
185.216.69.0-185.216.70.255
185.246.221.0/24
193.25.217.0-193.25.218.255
193.35.19.0/24
193.47.63.0/24
194.55.224.0/23
194.55.227.0/24
194.180.36.0/24
Signature Algorithm: sha256WithRSAEncryption
42:72:04:5c:b9:2a:45:39:37:84:4c:f4:be:ad:52:ce:d7:13:
d4:76:74:cf:fe:16:3b:6b:38:df:c7:ec:47:97:bb:26:b4:3d:
05:f5:ec:61:73:9d:4c:4d:ce:42:01:36:70:1c:95:3d:d7:ea:
e3:2d:04:d4:63:c2:be:ec:4e:d1:c3:ee:6a:df:27:da:ed:6f:
7f:8a:cf:10:11:01:58:95:7f:f8:c5:be:16:fc:38:4a:91:05:
44:a0:90:c0:67:d7:26:da:e4:89:d4:8b:a7:ad:54:41:69:8c:
6c:6d:33:24:1c:81:0f:50:90:d6:55:39:51:e8:53:f7:73:79:
2d:2d:c0:32:a0:cb:b5:d3:9d:03:01:0c:23:1b:e4:c4:73:19:
e0:98:8c:cb:08:ee:8a:44:98:5e:b8:c7:53:d3:56:f6:e9:2e:
f9:68:df:48:8d:64:ab:7b:bf:8d:3e:5d:3f:94:b2:6d:72:6c:
7e:d8:0b:7f:03:f5:86:1b:cc:22:93:be:c2:2f:42:8a:48:10:
f9:67:1f:47:63:72:d8:4c:57:13:39:70:61:c7:3f:f6:58:0a:
04:7b:ee:00:a1:9e:d2:71:46:61:05:11:6b:dd:a6:b8:e2:e8:
9e:56:0f:c4:d5:fd:85:26:9c:f1:f2:09:33:79:48:d7:aa:be:
15:bd:3b:7a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYQYLwfpQZUtLG0MNBVYz24xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMDI3MDY0NDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTEzMTlmOTZmYTc5NmRhYTllYWRjMDA4NDVhNDUyMjMzMTNiMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUpfiQEL8QZ5nQb79aDUziCmCnkA
b81rCMzDB9pBqp1nH/YMeroKktgVbOYF9S3Ywo0j7igMlM7Y7+A05FFhKF3YqK/5
XEkjJCNq4i6QlXZHzvaUd77LW8Lk6pgpRGZt9MYlGUbNydaCvhKShNxEwLGdUfvW
R9ziSyHCBD03qhsojFtDmOhpHvcFCpf0n3sOgCl1aY8JfRqk9QgMAw3Z9s7551Sg
ZtAWwPJ2a1vwEWPeyhIQrRH0RiXHin3HVsr/dJ7r13A36hycYaLgyi3XauOcZSkM
OXISFOPPqOmihvp7xVBKhTyq4rg/liQkTwHoLiKpdClHMDq1HVAt+9p0wQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFH4TGflvp5baqercAIRaRSIzE7DCMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZmhNWi1XLW5sdHFwNnR3QWhGcEZJak1Uc01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBABQ
TDADBABSc9ADBAFUFawDBABUNjEDBABVHy0DBABVHy8DBABXeFcDBABemqwwDAME
ALLX4QMEArLX4AMEALLX7zAMAwQAudhFAwQAudhGAwQAufbdMAwDBADBGdkDBADB
GdoDBADBIxMDBADBLz8DBAHCN+ADBADCN+MDBADCtCQwDQYJKoZIhvcNAQELBQAD
ggEBAEJyBFy5KkU5N4RM9L6tUs7XE9R2dM/+FjtrON/H7EeXuya0PQX17GFznUxN
zkIBNnAclT3X6uMtBNRjwr7sTtHD7mrfJ9rtb3+KzxARAViVf/jFvhb8OEqRBUSg
kMBn1yba5InUi6etVEFpjGxtMyQcgQ9QkNZVOVHoU/dzeS0twDKgy7XTnQMBDCMb
5MRzGeCYjMsI7opEmF64x1PTVvbpLvlo30iNZKt7v40+XT+Usm1ybH7YC38D9YYb
zCKTvsIvQopIEPlnH0djcthMVxM5cGHHP/ZYCgR77gChntJxRmEFEWvdprji6J5W
D8TV/YUmnPHyCTN5SNeqvhW9O3o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:39 2024 by rpki-client on console-ams.rpki-client.org